{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T03:45:48Z","timestamp":1772163948484,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":39,"publisher":"ACM","license":[{"start":{"date-parts":[[2008,4,1]],"date-time":"2008-04-01T00:00:00Z","timestamp":1207008000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2008,4]]},"DOI":"10.1145\/1352592.1352622","type":"proceedings-article","created":{"date-parts":[[2008,4,1]],"date-time":"2008-04-01T12:11:28Z","timestamp":1207051888000},"page":"287-299","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":12,"title":["Eudaemon"],"prefix":"10.1145","author":[{"given":"Georgios","family":"Portokalidis","sequence":"first","affiliation":[{"name":"Vrije Universiteit Amsterdam, Amsterdam, Netherlands"}]},{"given":"Herbert","family":"Bos","sequence":"additional","affiliation":[{"name":"Vrije Universiteit Amsterdam, Amsterdam, Netherlands"}]}],"member":"320","published-online":{"date-parts":[[2008,4]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Infecting ELF-files using function padding for Linux. http:\/\/vx.netlux.org\/lib\/vhe00.html  Infecting ELF-files using function padding for Linux. http:\/\/vx.netlux.org\/lib\/vhe00.html"},{"key":"e_1_3_2_1_2_1","unstructured":"Runtime Process Infection. http:\/\/www.phrack.org\/archives\/59\/p59--0x08.txt  Runtime Process Infection. http:\/\/www.phrack.org\/archives\/59\/p59--0x08.txt"},{"key":"e_1_3_2_1_3_1","unstructured":"Writing parasitic code in C. http:\/\/ares.x25zine.org\/ES\/txt\/C-parasites.txt.  Writing parasitic code in C. http:\/\/ares.x25zine.org\/ES\/txt\/C-parasites.txt."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1217935.1217939"},{"key":"e_1_3_2_1_5_1","volume-title":"Usenix Security","author":"Anagnostakis K. G.","year":"2005","unstructured":"K. G. Anagnostakis , S. Sidiroglou , P. Akritidis , E. M. K. Xinidis , and A. D. Keromytis . Detecting targeted attacks using shadow honeypots . In Usenix Security , Baltimore, MD , August 2005 . K. G. Anagnostakis, S. Sidiroglou, P. Akritidis, E. M. K. Xinidis, and A. D. Keromytis. Detecting targeted attacks using shadow honeypots. In Usenix Security, Baltimore, MD, August 2005."},{"key":"e_1_3_2_1_6_1","first-page":"41","volume-title":"Proc. of USENIX ATC","author":"Bellard F.","year":"2005","unstructured":"F. Bellard . QEMU, a fast and portable dynamic translator . In Proc. of USENIX ATC , pages 41 -- 46 , Anaheim,CA , April 2005 . F. Bellard. QEMU, a fast and portable dynamic translator. In Proc. of USENIX ATC, pages 41--46, Anaheim,CA, April 2005."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1134760.1220164"},{"key":"e_1_3_2_1_8_1","first-page":"105","volume-title":"Proc. of USENIX Security","author":"Bhatkar S.","year":"2003","unstructured":"S. Bhatkar , D. D. Varney , and R. Sekar . Address obfuscation: an efficient approach to combat a broad range of memory error exploits . In Proc. of USENIX Security , pages 105 -- 120 , August 2003 . S. Bhatkar, D. D. Varney, and R. Sekar. Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In Proc. of USENIX Security, pages 105--120, August 2003."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.41"},{"key":"e_1_3_2_1_10_1","first-page":"91","volume-title":"In Proc. of the 12th USENIX Security Symposium","author":"Cowan C.","year":"2003","unstructured":"C. Cowan , S. Beattie , J. Johansen and P. Wagle . PointGuard: Protecting pointers from buffer overflow vulnerabilities . In In Proc. of the 12th USENIX Security Symposium , pages 91 -- 104 , August 2003 . C. Cowan, S. Beattie, J. Johansen and P. Wagle. PointGuard: Protecting pointers from buffer overflow vulnerabilities. In In Proc. of the 12th USENIX Security Symposium, pages 91--104, August 2003."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2004.26"},{"key":"e_1_3_2_1_12_1","volume-title":"Perry Wagle and Qian Zhang. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In 7th USENIX Security Symposium","author":"Cowan Crispin","year":"2002","unstructured":"Crispin Cowan , Calton Pu , Dave Maier , Heather Hintony , Jonathan Walpole , Peat Bakke , Steve Beattie , Aaron Grier , Perry Wagle and Qian Zhang. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In 7th USENIX Security Symposium , San Francisco, CA , 2002 . Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle and Qian Zhang. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In 7th USENIX Security Symposium, San Francisco, CA, 2002."},{"key":"e_1_3_2_1_13_1","volume-title":"The 13th Annual Network and Distributed System Security Symposium (NDSS)","author":"Cui W.","year":"2006","unstructured":"W. Cui , V. Paxson , N. Weaver , and R. Katz . Protocol-independent adaptive replay of application dialog . In The 13th Annual Network and Distributed System Security Symposium (NDSS) , San Diego, CA , February 2006 . W. Cui, V. Paxson, N. Weaver, and R. Katz. Protocol-independent adaptive replay of application dialog. In The 13th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2006."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/11856214_16"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/360051.360056"},{"key":"e_1_3_2_1_16_1","unstructured":"eEye. eeye industry newsletter. http:\/\/www.eeye.com\/html\/resources\/newsletters\/versa\/VE20070516.html#techtal%k May 2007.  eEye. eeye industry newsletter. http:\/\/www.eeye.com\/html\/resources\/newsletters\/versa\/VE20070516.html#techtal%k May 2007."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1147\/sj.422.0347"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948146"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2004.1264861"},{"key":"e_1_3_2_1_20_1","volume-title":"Cambridge Computer Seminar","author":"Lampson B.","year":"2005","unstructured":"B. Lampson . Accountability and freedom . In Cambridge Computer Seminar , Cambridge, UK , October 2005 . B. Lampson. Accountability and freedom. In Cambridge Computer Seminar, Cambridge, UK, October 2005."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/11856214_10"},{"key":"e_1_3_2_1_22_1","first-page":"288","volume-title":"Proceedings of the 1st Workshop on Hot Topics in System Dependability (HotDep)","author":"Locasto M. E.","year":"2005","unstructured":"M. E. Locasto , S. Sidiroglou , and A. D. Keromytis . Application communities: Using monoculture for dependability . In Proceedings of the 1st Workshop on Hot Topics in System Dependability (HotDep) , pages 288 -- 292 , Yokohama, Japan , June 2005 . M. E. Locasto, S. Sidiroglou, and A. D. Keromytis. Application communities: Using monoculture for dependability. In Proceedings of the 1st Workshop on Hot Topics in System Dependability (HotDep), pages 288--292, Yokohama, Japan, June 2005."},{"key":"e_1_3_2_1_23_1","first-page":"219","volume-title":"Proceedings of the 2007 USENIX Annual Technical Conference","author":"Locasto M. E.","year":"2007","unstructured":"M. E. Locasto , A. Stavrou , G. F. Cretu , and A. D. Keromytis . From stem to sead: Speculative execution for automated defense . In Proceedings of the 2007 USENIX Annual Technical Conference , pages 219 -- 232 , June 2007 . M. E. Locasto, A. Stavrou, G. F. Cretu, and A. D. Keromytis. From stem to sead: Speculative execution for automated defense. In Proceedings of the 2007 USENIX Annual Technical Conference, pages 219--232, June 2007."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095824"},{"key":"e_1_3_2_1_25_1","volume-title":"Proc. of NDSS'06","author":"Moshchuk A.","year":"2006","unstructured":"A. Moshchuk , T. Bragin , S. D. Gribble , and H. M. Levy . A crawler-based study of spyware in the web . In Proc. of NDSS'06 , February 2006 . A. Moshchuk, T. Bragin, S. D. Gribble, and H. M. Levy. A crawler-based study of spyware in the web. In Proc. of NDSS'06, February 2006."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180444"},{"key":"e_1_3_2_1_27_1","volume-title":"Proc. of the 12th Annual Network and Distributed System Security Symposium (NDSS)","author":"Newsome J.","year":"2005","unstructured":"J. Newsome and D. Song . Dynamic taint analysis for automatic detection analysis and signature generation of exploits on commodity software . In Proc. of the 12th Annual Network and Distributed System Security Symposium (NDSS) , 2005 . J. Newsome and D. Song. Dynamic taint analysis for automatic detection analysis and signature generation of exploits on commodity software. In Proc. of the 12th Annual Network and Distributed System Security Symposium (NDSS), 2005."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1217935.1217938"},{"key":"e_1_3_2_1_29_1","volume-title":"Microsoft Systems Journal (MSJ)","author":"Richter J.","year":"1996","unstructured":"J. Richter . Load your 32-bit dll into another process's address space using injlib . Microsoft Systems Journal (MSJ) , January 1996 . J. Richter. Load your 32-bit dll into another process's address space using injlib. Microsoft Systems Journal (MSJ), January 1996."},{"key":"e_1_3_2_1_30_1","volume-title":"http:\/\/www.sans.org\/top20\/2006\/press_release.pdf","author":"SANS.","year":"2006","unstructured":"SANS. Sans institute press update. http:\/\/www.sans.org\/top20\/2006\/press_release.pdf , 2006 . SANS. Sans institute press update. http:\/\/www.sans.org\/top20\/2006\/press_release.pdf, 2006."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"e_1_3_2_1_32_1","volume-title":"Proceedings of the 2005 USENIX Annual Technical Conference","author":"Sidiroglou S.","year":"2005","unstructured":"S. Sidiroglou , M. Locasto , S. Boyd , and A. Keromytis . Building a reactive immune system for software services . In Proceedings of the 2005 USENIX Annual Technical Conference , 2005 . S. Sidiroglou, M. Locasto, S. Boyd, and A. Keromytis. Building a reactive immune system for software services. In Proceedings of the 2005 USENIX Annual Technical Conference, 2005."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2007.32"},{"key":"e_1_3_2_1_34_1","first-page":"123","volume-title":"Virus Bulletin Conference","author":"Szor P.","year":"2001","unstructured":"P. Szor and P. Ferrie . Hunting for metamorphic . In Virus Bulletin Conference , pages 123 -- 144 , Abingdon, Oxfordshire, England , September 2001 . P. Szor and P. Ferrie. Hunting for metamorphic. In Virus Bulletin Conference, pages 123--144, Abingdon, Oxfordshire, England, September 2001."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/1272996.1273010"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180412"},{"key":"e_1_3_2_1_37_1","volume-title":"Proc. Network and Distributed System Security (NDSS)","author":"Wang Y.-M.","year":"2006","unstructured":"Y.-M. Wang , D. Beck , X. Jiang , R. Roussev , C. Verbowski , S. Chen , and S. King . Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities . In Proc. Network and Distributed System Security (NDSS) , San Diego, CA , February 2006 . Y.-M. Wang, D. Beck, X. Jiang, R. Roussev, C. Verbowski, S. Chen, and S. King. Automated web patrol with strider honeymonkeys: Finding web sites that exploit browser vulnerabilities. In Proc. Network and Distributed System Security (NDSS), San Diego, CA, February 2006."},{"key":"e_1_3_2_1_38_1","volume-title":"Firewalls and Internet Security: repelling the wily hacker","author":"Cheswick S. M. B.","year":"2016","unstructured":"S. M. B. William R. Cheswick , Aviel D. Rubin . Firewalls and Internet Security: repelling the wily hacker ( 2 nd ed.). Addison-Wesley , ISBN 0 2016 3466X, 2003. S. M. B. William R. Cheswick, Aviel D. Rubin. Firewalls and Internet Security: repelling the wily hacker (2nd ed.). Addison-Wesley, ISBN 020163466X, 2003.","edition":"2"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2006.38"}],"event":{"name":"Eurosys '08: Eurosys 2008 Conference","location":"Glasgow Scotland UK","acronym":"Eurosys '08","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems","ACM Association for Computing Machinery"]},"container-title":["Proceedings of the 3rd ACM SIGOPS\/EuroSys European Conference on Computer Systems 2008"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1352592.1352622","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1352592.1352622","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:56:19Z","timestamp":1750240579000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1352592.1352622"}},"subtitle":["involuntary and on-demand emulation against zero-day exploits"],"short-title":[],"issued":{"date-parts":[[2008,4]]},"references-count":39,"alternative-id":["10.1145\/1352592.1352622","10.1145\/1352592"],"URL":"https:\/\/doi.org\/10.1145\/1352592.1352622","relation":{"is-identical-to":[{"id-type":"doi","id":"10.1145\/1357010.1352622","asserted-by":"object"}]},"subject":[],"published":{"date-parts":[[2008,4]]},"assertion":[{"value":"2008-04-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}